Contents

Fedora Package Database

Please See the project page for the latest developments on the PackageDB. Information on this page will gradually be moved there.

The Fedora Package Database aims to consolidate the information on the packages present in Fedora Package Collection. It will allow us to perform queries on packages and their maintainers as well as some of the administrative tasks associated with them (branch requests, etc.)

Code

Code for the package DB is in a bazaar repository. Check it out using:

Test Version

There are two test servers up for people to look at. Development Snapshot is there for people who want to see what's currently being developed. This instance may be broken at any given time as it's what we're actually working on and testing out. Version 0.2 of the PackageDB is deployed for people who want to look at what's working now. This server will be synced with development whenever the development tree is runnable. As of 15 March 2007, this tree has a feature complete GUI. I'm working on writing the backend that communicates changes to the database to the cvs repository and bugzilla.

Documentation on the Wiki

Roadmap Lists the steps we need to take to implement the PackageDB. As we evolve what we want in it, we'll evolve milestones and featuresets we want by FC7, FC8, and beyond.

Schema Has the schema for the package DB. The schema is written for postgresql.

Goals of the Package Database

These below are a few higher priority items that we keep discussing as needed in FESCO meetings.

per-package per-branch fine grained ownership

multiple owners possible

package groups, subscription, notification

views of packages, change history and associated bugs

tracking of MIA owners, auto-nag, timeout, notification

tracking of neglected packages, timeout, notification

tracking of orphans

The above would allow things like:

Build a package that breaks deps of other things in the distro. A background job detects this, and automatically notifies owners and whoever subscribed to watch affected packages.

Security team could know at-a-glance what is being neglected and step-in.

per package rpmlint exception, so that a script can be created which as part of the build on the buildserver runs rpmlint on the created rpms and fails the resulting packages if they give any warnings/errors not on the exception list.

Later we will be able to add things like:

All of the other informational metadata that wasn't required by the above but would be useful to view and search. This includes stuff like dependencies.

ACL access grant and revocation by owners at the package/branch level (this will become more important as we move closer to merging Core and Extras)

Feature Tracking like IPv6 support (Josh Boyer's idea)

Other Ideas and Possibilities

Possibly an improved package review process outside of Bugzilla. (Warren is skeptical about this one but putting it here for further discussion.)

ability to have maintainers be included/excluded from secondary arch notifications.

An easy way to get at data remotely -- e.g. some sort of SOAP / XML-RPC / LDAP interface to query.

This allows us to submit build requests via scripts which talk to the Package DB.

Manage comps files or other groupings (troves?)

Manages notifications:

RSS feed of changes to a package.

Manage email notifications like extras-commits (and finer grained as well). So commit email would go to the package DB. Package DB would then disseminate to the extras-commits mailing list and people watching the package in particular.

Being able to watch another contributer: Is this best done in the package db or the accounts db? If the accounts db, then notifications from here have to be sent to the accountsdb for further processing.

Inheritable collections (collection foo is a subset of collection bar)

ACLs on building as well as committing

Ability to mark a build as having passed a QA check.

ExcludeArch

Upstream Versioning policy:

(01:24:04 PM) thl: abadger1999, would it possible to hae a field that stores a free text that describes how upstream releases new ersions??
(01:24:33 PM) thl: e.g. something like "foo 1.0 and 1.2 is the stable branch, foo 1.1 and 1.3 devel"
(01:25:37 PM) abadger1999: If it's free text it should be easy to include something like that.
(01:25:39 PM) thl: that would make it possible for a release manager to look at that and say "hey, you build a devel package from a new upstream branch for a stable package; is there any reasons to do that?"
(01:25:51 PM) thl: I'm not sure if that worth the trouble
(01:25:56 PM) thl: it was just an idea
(01:26:21 PM) abadger1999: It might not be worth the trouble but it is possible.
(01:27:34 PM) abadger1999: The problem being that 1) the data is entered by the packager anyway, 2) it can't be a required field as some projects don't have any versioning policy, 3) being free form, it won't be easily parsable by a script.
(01:28:07 PM) thl: abadger1999, well, just keep it in mind; maybe something like that could be helpful later
(01:28:18 PM) abadger1999: But it might help for people wondering why foo 1.3.3 has been out for three weeks and we're still packaging 1.2.8

Down the road it might be nice to provide a end user interface. Allow end users to: Thumbsup/Thumbsdown rate, make comments, contact the maintainer, go to a filled in bugzilla form to submit a bug for the package, provide testing feedback for test versions, etc.